Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs Sentinel comparison

NetWitness and OpenText are both solutions in the Security Information and Event Management (SIEM) category. NetWitness is ranked #30 with an average rating of 8.3, while OpenText is ranked #18 with an average rating of 7.7. NetWitness holds a 0.7% mindshare in SIEM, compared to OpenText’s 3.4% mindshare. Additionally, 75% of NetWitness users are willing to recommend the solution, compared to 82% of OpenText users who would recommend it.
NetWitness Platform
Read 36 NetWitness Platform reviews
  • 1,776 Views
  • 1,119 Comparison Views
75% willing to recommend
Sentinel
Read 17 Sentinel reviews
  • 3,691 Views
  • 3,617 Comparison Views
82% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Sentinel are leading contenders in the cybersecurity market. Sentinel seems to have the upper hand due to its advanced functionality and effectiveness, which users feel justifies its pricing.

Features: NetWitness Platform offers strong analytics, real-time monitoring capabilities, and robust support services. Sentinel features integration with other Microsoft services, advanced threat detection, and seamless integration in advanced networking environments.

Room For Improvement: NetWitness Platform needs enhanced scalability, better threat intelligence capabilities, and improved customization options. Sentinel could benefit from more user-friendly setup processes, better customization options, and improved user interfaces.

Ease of Deployment and Customer Service: NetWitness Platform users find customer support highly responsive but face deployment challenges. Sentinel offers quick deployment, integrates easily into existing Microsoft infrastructures, and has adequate customer support.

Pricing and ROI: NetWitness Platform is considered expensive by some users but offers justifiable ROI due to its high performance. Sentinel, while also not cheap, is viewed as providing good value due to its extensive features and integration capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed NetWitness Platform vs. Sentinel Report (Updated: December 2025).
Buyer's Guide
NetWitness Platform vs. Sentinel
December 2025
Download the complete report
Helped 879,310 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
30th
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
Log Management (34th)
Sentinel
Ranking in Security Information and Event Management (SIEM)
18th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2025, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.7%, up from 0.6% compared to the previous year. The mindshare of Sentinel is 3.4%, up from 2.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
Sentinel3.4%
NetWitness Platform0.7%
Other95.9%
Security Information and Event Management (SIEM)
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
MOTASHIM Al Razi
CISO at One Bank Limited
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review
Simon Johnston - PeerSpot reviewer
Simon Johnston
Manager, Customer Success at Coltek Business Soltuions
Simple antivirus solution integrates well but could improve pricing and currency options
I don't really have experience working with these solutions. I promote them for our clients, but I don't work with them. I can't share my experience with these tools as I make assumptions about that. For both Adlumin and CrowdStrike, both confirm that they're scalable and enterprise-ready and all those kinds of things. We haven't had any specific problem with either of those. We just have a preference for which one we would prefer. If somebody says they want to use a different one from the one that we prefer, then we have to find reasons why they aren't. But scalability is not one of the reasons that one is better over the other. I don't really have advice for people that are looking into using Sentinel; just do your research across what is available. On a scale of one to ten, I rate Sentinel a seven.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"NetWitness can be highly beneficial for incident detection and response."
"Incident management is its most valuable feature."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The most valuable features are the packet inspection and the automated incident response."
"The solution is really scalable for the high-end power, enterprise customer."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
More NetWitness Platform pros
"The tool is simple to use."
"We can do advanced hunting queries and modify SQL queries to get desired results based on the rules triggering over the console."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"In my opinion, Sentinel's best features include that it's a very easy product to use, it's very simple, and the after-sale service is very good."
"The solution lets us get all the logs properly and regularly monitor customer infrastructure."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"It makes everything easier by automating some tasks and growing with our needs."
More Sentinel pros
 

Cons

"I believe that integrating the solution with other products such as Oracle would be beneficial."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"An area for improvement would be better automation and more inbuilt use cases."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"More customizability is required, which is something that they need to improve on."
"The initial setup is complex. There are other solutions that are easier to implement."
"Health monitoring of the event sources and devices."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
More NetWitness Platform cons
"There is no integration in the web-side of the tool."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"It is an ancient product."
"Price is always a consideration, so the price would be nice if it were lower."
"I rate Sentinel a six out of ten for scalability."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"The dashboard and customer view should be improved"
More Sentinel cons
 

Pricing and Cost Advice

"The product price was reasonable for my region and the market."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"We are on an annual license for the use of the solution."
"Compared to the competition, the is price is not that high."
"The licenses are good but the cost is very expensive."
"This is a pricey solution; it's not cheap."
More NetWitness Platform pricing and cost advice
"Sentinel is a subscription-based solution."
"Sentinel is moderately priced."
"We receive a pricing discount because of our ongoing partnership with Micro Focus."
"The solution’s pricing is aligned with its competitors."
"We inquired about getting support from the vendor, Micro Focus, but the cost was very high."
"Sentinel's slightly on the expensive side."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
879,310 professionals have used our research since 2012.
 

Comparison Review

VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Computer Software Company
10%
Performing Arts
8%
Comms Service Provider
7%
Computer Software Company
11%
Financial Services Firm
9%
Comms Service Provider
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise20
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise3
Large Enterprise7
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
What do you like most about NetIQ Sentinel?
The solution lets us get all the logs properly and regularly monitor customer infrastructure.
See all answers
What is your experience regarding pricing and costs for NetIQ Sentinel?
I don't have too many comments overall about pricing as we're in South Africa, so it makes more sense if it's billed in rand. They nearly always bill it in dollars, so if it can be billed in our cu...
See all answers
What needs improvement with NetIQ Sentinel?
I'm not sure what the room for improvement is for Sentinel. It needs to stay current, and it does, so I suppose that's fine. I don't have a high demand for what it should do. Price is always a cons...
See all answers
 

Comparisons

IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 13% of the time
Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 11% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 8% of the time
RSA enVision vs NetWitness Platform Logo
RSA enVision vs NetWitness Platform
Compared 6% of the time
Trellix Network Detection and Response vs NetWitness Platform Logo
Trellix Network Detection and Response vs NetWitness Platform
Compared 5% of the time
More NetWitness Platform Competitors
Splunk Enterprise Security vs Sentinel Logo
Splunk Enterprise Security vs Sentinel
Compared 15% of the time
IBM Security QRadar vs Sentinel Logo
IBM Security QRadar vs Sentinel
Compared 14% of the time
Wazuh vs Sentinel Logo
Wazuh vs Sentinel
Compared 11% of the time
Google Chronicle Suite vs Sentinel Logo
Google Chronicle Suite vs Sentinel
Compared 7% of the time
Cortex XSIAM vs Sentinel Logo
Cortex XSIAM vs Sentinel
Compared 6% of the time
More Sentinel Competitors
 

Product Reports

Buyer's Guide
NetWitness Platform
December 2025
NetWitness Platform reportDownload NetWitness Platform product report
Buyer's Guide
Sentinel
December 2025
Sentinel reportDownload Sentinel product report
 

Also Known As

RSA Security Analytics
NetIQ Sentinel, Novell SIEM
 

Overview

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

Sentinel is a full-featured Security Information and Event Management (SIEM) solution that simplifies the deployment, management and day-to-day use of SIEM, readily adapts to dynamic enterprise environments and delivers the true "actionable intelligence" security professionals need to quickly understand their threat posture and prioritize response.

OpenText
 

Sample Customers

Los Angeles World Airports, Reply
Faysal Bank, GaVI, Handelsbanken, ISC Mªnster, Lambeth Council, Swisscard, The Municipality of Siena, Tukes, University of Dayton, University of the Sunshine Coast
Buyer's Guide
NetWitness Platform vs. Sentinel
December 2025
Free Report: NetWitness Platform vs. Sentinel
Find out what your peers are saying about NetWitness Platform vs. Sentinel and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,310 professionals have used our research since 2012.
See our NetWitness Platform vs. Sentinel report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.